| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Announce SCTP support in the kern.features sysctl variables.
MFC r270859:
Enable SCTP support. It runs perfectly fine on a Wandboard quad.
MFC r271204 with manual intervention:
Fix the handling of sysctl variables when used with VIMAGE.
While there do some cleanup of the code.
MFC r271209:
Fix a leak of an address, if the address is scheduled for removal
and the stack is torn down.
Thanks to Peter Bostroem and Jiayang Liu from Google for reporting the
issue.
MFC r271219:
Use SYSCTL_PROC instead of SYSCTL_VNET_PROC.
Suggested by: glebius@
MFC r271221:
Use union sctp_sockstore instead of struct sockaddr_storage. This
eliminates some warnings when building in userland.
Thanks to Patrick Laimbock for reporting this issue.
Remove also some unnecessary casts.
There should be no functional change.
MFC r271228:
Address another warnings reported by Patrick Laimbock when compiling
in userspace. While there, improve consistency.
MFC r271230:
Address warnings generated by the clang analyzer.
Approved by: re (kib)
|
| |
|
|
|
|
|
| |
Add the reverse part to rule #9. Also change its description in the
netstat(8) output.
Approved by: re (gjb)
|
| |
|
|
|
|
|
|
|
|
|
| |
Remove KASSERT from in6p_lookup_mcast_ifp().
When the devel/jenkins port, version 1.551 was started,
the kernel would panic if INVARIANTS was enabled in the kernel config.
Suggested by: bms
Approved by: re (gjb)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add some missing checks for unsupported interfaces (e.g. pflog(4)) when
handling ioctls. While here, remove duplicated checks for a NULL ifp in
in6_control(): this check is already done near the beginning of the
function.
MFC r270349:
Suppress warnings when retrieving protocol stats from interfaces that
don't support IPv6 (e.g. pflog(4)).
PR: 189117
Approved by: re (gjb)
|
| |
|
|
|
|
|
|
| |
Fix panic with RADIX_MPATH, when RTFREE_LOCKED() called for already
unlocked route. Use in6_rtalloc() instead of in6_rtalloc1. This helps
simplify the code and remove several now unused variables.
PR: 156283
|
| |
|
|
|
|
| |
Correct warnings comparing unsigned variables < 0 constantly reported
while building kernels. All instances removed are indeed unsigned so
the expressions could not be true.
|
| |
|
|
|
|
|
| |
Add new rule to source address selection algorithm. It prefers address
with better virtual status. Use ifa_preferred() to choose better address.
PR: 187341
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add support for UDP-Lite protocol (RFC 3828) to IPv4 and IPv6 stacks.
Tested with vlc and a test suite [1].
[1] http://www.erg.abdn.ac.uk/~gerrit/udp-lite/files/udplite_linux.tar.gz
Reviewed by: jhb, glebius, adrian
- Fix a logic bug which prevented the sending of UDP packet with 0 checksum.
- Disable TX checksum offload for UDP-Lite completely. It wasn't used for
partial checksum coverage, but even for full checksum coverage it doesn't
work.
|
| |
|
|
|
|
| |
Remove unused variable.
PR: 173521
|
| |
|
|
|
|
| |
Properly release the in6_multi lock.
Sponsored by: Yandex LLC
|
| |
|
|
|
|
|
| |
Don't generate an ICMPv6 error message if packet was consumed by filter.
Remove unused label.
Sponsored by: Yandex LLC
|
| |
|
|
|
|
|
|
|
|
| |
- Remove rt_metrics_lite and simply put its members into rtentry.
- Use counter(9) for rt_pksent (former rt_rmx.rmx_pksent). This
removes another cache trashing ++ from packet forwarding path.
- Create zini/fini methods for the rtentry UMA zone. Via initialize
mutex and counter in them.
- Fix reporting of rmx_pksent to routing socket.
- Fix netstat(1) to report "Use" both in kvm(3) and sysctl(3) mode.
|
| |
|
|
|
|
|
| |
of IPSEC and packet filters.
PR: kern/185876
PR: kern/186755
|
| |
|
|
|
|
|
|
| |
Only count table lookups when we're actually processing packets.
PR: 183462
Submitted by: Sven-Thorsten Dietrich <thebigcorporation at gmail.com>
Reviewed by: bms
|
| |
|
|
|
|
|
|
|
|
| |
r261825, r261859, r261875, r261883, r261911, r262027, r262028, r262029,
r262030, r262162 from head.
Large flowtable revamp. See commit messages for merged revisions for
details.
Sponsored by: Netflix
|
| |
|
|
|
|
|
| |
Drop packets to multicast address whose scop field contains the
reserved value 0.
Sponsored by: Yandex LLC
|
| |
|
|
|
|
|
|
|
|
| |
Take exclusive lock only when lle isn't NULL. We don't need write access
to lle in most cases.
MFC r261583:
Unlock entry before retry.
Sponsored by: Yandex LLC
|
| |
|
|
|
|
|
| |
Remove extra nesting from X_ip6_mforward() function.
Also remove disabled definitions from ip6_mroute.h.
PR: 185148
|
| |
|
|
|
| |
Add MRT6_DLOG() macro for debugging.
Reduce number of MRT6DEBUG ifdefs and fix some broken format strings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use an RLOCK here instead of an RWLOCK - matching all the other calls
to lla_lookup().
This drastically reduces the very high lock contention when doing parallel
TCP throughput tests (> 1024 sockets) with IPv6.
MFC r260187:
lla_lookup() does modification only when LLE_CREATE is specified.
Thus we can use IF_AFDATA_RLOCK() instead of IF_AFDATA_LOCK() when doing
lla_lookup() without LLE_CREATE flag.
MFC r260217:
Add IF_AFDATA_WLOCK_ASSERT() in case lla_lookup() is called with
LLE_CREATE flag.
|
| |
|
|
|
|
| |
In sys/netinet6/in6_mcast.c, in6m_is_ifp_detached() is only used
whenever KTR is defined, so put it between #ifdef KTR guards. This
avoids a warning about a unused function if KTR is not enabled.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove a buggy comparision when setting manually the path MTU.
After fixing, the comparision would have become redundant.
Thanks to Andrew Galante for reporting the issue.
MFC r257272:
Fix compilation if SCTP_DONT_DO_PRIVADDR_SCOPE is defined.
The issue was reported by Andrew Galante.
MFC r257274:
Fix the value of *optlen when calling getsockopt() for
SCTP_REMOTE_UDP_ENCAPS_PORT.
This issue was reported by Andrew Galante.
MFC r257359:
Terminate a debug output with a \n.
MFC r257555:
Changes from upstream to improve compilation when INET or INET6
or none of them is defined.
MFC r257574:
Unlock the lock before destroying it.
This issue was reported by Andrew Galante.
MFC r257800:
Use htons()/ntohs() appropriately.
These issues were reported by Andrew Galante.
MFC r257803:
Make sure that we don't try to build an ASCONF-ACK chunk
larger than what fits in the the mbuf cluster.
This issue was reported by Andrew Galante.
MFC r257804:
Get rid of the artification limitation enforced by
SCTP_AUTH_RANDOM_SIZE_MAX.
This was suggested by Andrew Galante.
MFC r258221:
Cleanups which result in fixes which have been made upstream
and where partially suggested by Andrew Galante.
There is no functional change in FreeBSD.
MFC r258224:
When determining if an address belongs to an stcb, take the address family
into account for wildcard bound endpoints.
MFC r258228:
Remove a stray write operation.
MFC r258235:
Use SCTP_PR_SCTP_TTL when the user provides a positive
timetolive in sctp_sendmsg().
Approved by: re@
|
| |
|
|
|
|
|
|
| |
Initialize inc_fibnum for properly handling ICMP6_PACKET_TOO_BIG
errors in multifib environment.
PR: 183265
Approved by: re (hrs)
|
| |
|
|
|
|
| |
Tested by: hselasky
PR: usb/182820
Approved by: re (glebius)
|
| |
|
|
|
|
| |
Submitted by: Loganaden Velvindron <logan elandsys.com>
Obtained from: NetBSD
Approved by: re (kib)
|
| |
|
|
|
|
| |
Submitted by: Loganaden Velvindron (logan elandsys.com)
Approved by: re (gjb)
MFC after: 6 days
|
| |
|
|
|
| |
Discussed with: andre
Approved by: re (rodrigc)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
transmission which could be tricked into rounding up to the nearest
page size, leaking up to a page of kernel memory. [13:11]
In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK at the socket layer rather than pass them on to the
link layer without validation or credential checks. [SA-13:12]
Prevent cross-mount hardlinks between different nullfs mounts of the
same underlying filesystem. [SA-13:13]
Security: CVE-2013-5666
Security: FreeBSD-SA-13:11.sendfile
Security: CVE-2013-5691
Security: FreeBSD-SA-13:12.ifioctl
Security: CVE-2013-5710
Security: FreeBSD-SA-13:13.nullfs
Approved by: re
|
| |
|
|
|
|
|
|
|
| |
matches the types used when computing hash indices and the type of the
maximum size of mfchashtbl[].
PR: kern/181821
Submitted by: Sven-Thorsten Dietrich <sven@vyatta.com> (IPv4)
MFC after: 1 week
|
| |
|
|
|
|
|
|
| |
ever intended for use in sysctl(8) and it has not used them for many
years.
Reviewed by: bde
Tested by: exp-run by bdrewery
|
| |
|
|
|
|
|
|
|
| |
dynamic translation so that their arguments match the definitions for
these providers in Solaris and illumos. Thus, existing scripts for these
providers should work unmodified on FreeBSD.
Tested by: gnn, hiren
MFC after: 1 month
|
| | |
|
| |
|
|
|
|
| |
The upper 32bits are not occupied for now.
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
features. The changes in particular are:
o Remove rarely used "header" pointer and replace it with a 64bit protocol/
layer specific union PH_loc for local use. Protocols can flexibly overlay
their own 8 to 64 bit fields to store information while the packet is
worked on.
o Mechanically convert IP reassembly, IGMP/MLD and ATM to use pkthdr.PH_loc
instead of pkthdr.header.
o Extend csum_flags to 64bits to allow for additional future offload
information to be carried (e.g. iSCSI, IPsec offload, and others).
o Move the RSS hash type enumerator from abusing m_flags to its own 8bit
rsstype field. Adjust accessor macros.
o Add cosqos field to store Class of Service / Quality of Service information
with the packet. It is not yet supported in any drivers but allows us to
get on par with Cisco/Juniper in routing applications (plus MPLS QoS) with
a modernized ALTQ.
o Add four 8 bit fields l[2-5]hlen to store the relative header offsets
from the start of the packet. This is important for various offload
capabilities and to relieve the drivers from having to parse the packet
and protocol headers to find out location of checksums and other
information. Header parsing in drivers is a lot of copy-paste and
unhandled corner cases which we want to avoid.
o Add another flexible 64bit union to map various additional persistent
packet information, like ether_vtag, tso_segsz and csum fields.
Depending on the csum_flags settings some fields may have different usage
making it very flexible and adaptable to future capabilities.
o Restructure the CSUM flags to better signify their outbound (down the
stack) and inbound (up the stack) use. The CSUM flags used to be a bit
chaotic and rather poorly documented leading to incorrect use in many
places. Bring clarity into their use through better naming.
Compatibility mappings are provided to preserve the API. The drivers
can be corrected one by one and MFC'd without issue.
o The size of pkthdr stays the same at 48/56bytes (32/64bit architectures).
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
can result in a buffer which is too small for the requested
operation.
Security: CVE-2013-3077
Security: FreeBSD-SA-13:09.ip_multicast
|
| |
|
|
|
|
|
|
| |
downwards layer crossings.
Consistently use it within IP, IPv6 and ethernet protocols.
Discussed with: trociny, glebius
|
| |
|
|
|
|
|
|
|
|
| |
flag instead. The flag is only used within the IP and IPv6 layer 3
protocols.
Because some firewall packages treat IPv4 and IPv6 packets the same the
flag should have the same value for both.
Discussed with: trociny, glebius
|
| |
|
|
| |
time_second should not be performed in this case.
|
| |
|
|
|
| |
SIOCGDRLST_IN6, and SIOCGNBRINFO_IN6 ioctl. These userland interfaces
treat expiration times in time_second, not time_uptime.
|
| |
|
|
|
|
|
|
|
| |
PF_INET6 in kernel. This fixes various malfunction when the wall time
clock is changed. Bump __FreeBSD_version to 1000041.
- Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.
MFC after: 1 month
|
| | |
|
| |
|
|
|
|
|
| |
interfaces. This eliminates unnecessary IPv6 processing for non-IPv6
interfaces.
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
| |
structure is used, but they already have equal fields in the struct
newipsecstat, that was introduced with FAST_IPSEC and then was merged
together with old ipsecstat structure.
This fixes kernel stack overflow on some architectures after migration
ipsecstat to PCPU counters.
Reported by: Taku YAMAMOTO, Maciej Milewski
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
duplicated sockets a multicast address is bound and either
SO_REUSEPORT or SO_REUSEADDR is set.
But actually it works for the following combinations:
* SO_REUSEPORT is set for the fist socket and SO_REUSEPORT for the new;
* SO_REUSEADDR is set for the fist socket and SO_REUSEADDR for the new;
* SO_REUSEPORT is set for the fist socket and SO_REUSEADDR for the new;
and fails for this:
* SO_REUSEADDR is set for the fist socket and SO_REUSEPORT for the new.
Fix the last case.
PR: 179901
MFC after: 1 month
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Use uint64_t as type for all fields of structures.
Changed structures: ahstat, arpstat, espstat, icmp6_ifstat, icmp6stat,
in6_ifstat, ip6stat, ipcompstat, ipipstat, ipsecstat, mrt6stat, mrtstat,
pfkeystat, pim6stat, pimstat, rip6stat, udpstat.
Discussed with: arch@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dereferencing, when checking for SO_REUSEPORT option (and SO_REUSEADDR
for multicast), INP_REUSEPORT flag was introduced to cache the socket
option. It was decided then that one flag would be enough to cache
both SO_REUSEPORT and SO_REUSEADDR: when processing SO_REUSEADDR
setsockopt(2), it was checked if it was called for a multicast address
and INP_REUSEPORT was set accordingly.
Unfortunately that approach does not work when setsockopt(2) is called
before binding to a multicast address: the multicast check fails and
INP_REUSEPORT is not set.
Fix this by adding INP_REUSEADDR flag to unconditionally cache
SO_REUSEADDR.
PR: 179901
Submitted by: Michael Gmelin freebsd grem.de (initial version)
Reviewed by: rwatson
MFC after: 1 week
|
